Elastic Security Engineer - SIEM Migration
THE JUDGE GROUP, INC.
Albany, United States of America
25 days ago
Role details
Contract type: Temporary to permanent
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Compensation: $166K
Job location: Albany, United States of America
Tech stack
Computer Security
Security Information and Event Management
Splunk
Job description
- Lead and support a time-sensitive migration from Splunk to Elastic Security / SIEM
- Analyze existing Splunk use cases, detections, and rules, and convert them into Elastic-compatible rules
- Design and implement SIEM transition plans aligned with aggressive project timelines
- Configure, optimize, and tune Elastic Security and Observability components
- Support testing, validation, and troubleshooting throughout the migration lifecycle
- Provide hands-on production support during and post-migration
- Collaborate closely with technical teams and project stakeholders in an FTE-style engagement model
- Contribute to security operations maturity as part of a growing security organization, with potential conversion to full-time consulting role based on performance
Requirements
- Strong, hands-on experience with Splunk migrations and SIEM transitions
- Proven experience working with Elastic Security, Elastic Observability, and/or Elastic SIEM
- Experience writing Splunk rules and converting them into Elastic detection rules
- Prior experience migrating to or from Splunk and/or Elastic
- Availability to work in or near Albany, NY during the project timeframe (preferred)
- Ability to operate in fast-paced, deadline-driven environments
- Elastic certification or willingness to obtain certification by June